Paper: Challenges in Security for Cyber-Physical Systems
Author: Dr. Clifford Neuman
Center for Computer Systems Security
Information Sciences Institute
University of Southern California
Problem: The paper conveys the need for a design of security in Cyber Physical Systems (CPS). The several characteristics of the CPS such as physical environment, distributed management and control, uncertainty, real-time requirements must be considered when implementing a proper design of security in CPS.
Design approach: The paper suggests a design approach that integrates security features in CPS. The first step of the design approach is to define the authorised and unauthorised information flow, control flow and the availability requirements of the application. We need to consider both physical and also the cyber requirements of the system. All communication channels must be analyzed to ensure that the information, control, and communications constraints are met. The system could be compromised if the security features are not properly implemented.
If the security features are not properly set, it can result in incorrect specification of the information flow, control, and availability requirements, or errors in the implementation. Also, developing better network, operating system, and middleware components can enforce the specified constraints automatically.
1) Security of CPS has to be considered architecturally, not as a separate “security architecture”.
2) There is a need to develop models of trust.
3) Research to be done on modeling the security implications of physical interactions in cyber-physical systems.
4) Security for sensors and actuators in the field needs to be considered : Ex Techniques for tamper detection and input validation.
5) Consider security as part of system architecture and application development. The structure of data placement, system control, and monitoring of the system as a whole must consider the security implications.